Mark Walter
asked on
Gmail "Critical security alert" message, hacking attempt blocked (long post)
Hey, guys. Let me apologize in forward for this being a long post, but since this never happened to me before I just want to make sure I give you all the details to find out how this happened and help secure my account even more.
https://i.imgur.com/minU1zS.png
Recently I've received this message informing me that my account had a sign-in attempt blocked. Of course, this wasn't me since I've gotten this message both on my phone and my Gmail at 05:00 AM while I was sleeping so it leads me to believe that there was some hacking attempt and not some auto-login mistake some website or device I use made.
I live in Europe and the sign-in attempt was from the United States as seen in the picture below:
https://i.imgur.com/ClGJCcl.png
Now I have gone through all the Security Checkup steps from the link provided by Google in the first picture (assuming no-reply@accounts.google.c
I never give my passwords of any account to anyone and I'm extremely careful about what sites I use and where I log in with my Gmail account, so I honestly don't know how this happened. Any files I download I either download from a trustworthy source (Java, Microsoft, Google, etc...) or scan immediately with my antivirus programs to make sure it's safe to open.
I only have one suspicion as to what might cause this, and that is the recent Meltdown/Spectre vulnerability.
I have an Intel i5 2500K (2nd-Gen, Sandy Bridge) and a Windows 7 Ultimate x64 with the vulnerability patches/updates disabled. Now I know that I shouldn't have done that and that I'm exposing my PC to the vulnerability, the reason I did that is because those updates cause severe performance issues in video games, which is what majority of my time I'm doing on my PC.
Last question before closing:
When someone tries to access your account like this, do they actually get blocked and unable to change to change the password and use the account for any means? I'm asking this because my account is connected to my bank account and Paypal and other contact emails, so I'm wondering if those accounts as well are in jeopardy.
I've also removed any account access from unnecessary apps and websites in Manage Apps
This will be all, I hope someone will be able to help me figure this out. Once again I apologize for the long post.
Thanks in forward.
https://i.imgur.com/minU1zS.png
Recently I've received this message informing me that my account had a sign-in attempt blocked. Of course, this wasn't me since I've gotten this message both on my phone and my Gmail at 05:00 AM while I was sleeping so it leads me to believe that there was some hacking attempt and not some auto-login mistake some website or device I use made.
I live in Europe and the sign-in attempt was from the United States as seen in the picture below:
https://i.imgur.com/ClGJCcl.png
Now I have gone through all the Security Checkup steps from the link provided by Google in the first picture (assuming no-reply@accounts.google.c
I never give my passwords of any account to anyone and I'm extremely careful about what sites I use and where I log in with my Gmail account, so I honestly don't know how this happened. Any files I download I either download from a trustworthy source (Java, Microsoft, Google, etc...) or scan immediately with my antivirus programs to make sure it's safe to open.
I only have one suspicion as to what might cause this, and that is the recent Meltdown/Spectre vulnerability.
I have an Intel i5 2500K (2nd-Gen, Sandy Bridge) and a Windows 7 Ultimate x64 with the vulnerability patches/updates disabled. Now I know that I shouldn't have done that and that I'm exposing my PC to the vulnerability, the reason I did that is because those updates cause severe performance issues in video games, which is what majority of my time I'm doing on my PC.
Last question before closing:
When someone tries to access your account like this, do they actually get blocked and unable to change to change the password and use the account for any means? I'm asking this because my account is connected to my bank account and Paypal and other contact emails, so I'm wondering if those accounts as well are in jeopardy.
I've also removed any account access from unnecessary apps and websites in Manage Apps
This will be all, I hope someone will be able to help me figure this out. Once again I apologize for the long post.
Thanks in forward.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For author advice
No further inputs received.
ASKER
Thanks for the reply, anyway yeah, I forgot to mention that I activated 2-FA after changing the password for an extra layer of security.
No, I'm not using the same password anywhere, to make sure something like this doesn't happen (and unfortunately it did).
Checking email at haveibeenpwned does not reveal any issues or breaches.
The only recovery details that are stored in my mail are additional email accounts used for recovery in case I forget my password, or in cases like these, so I'm not sure how much other accounts are in danger but I changed the password on them too nonetheless.
Right now, I don't think that's anything serious but the person could be using a VPN to mask his IP and location.
By respond do you mean, did I reply to the email or did I click that blue button, because I didn't do the former but I did the latter as the email looked genuine because on whatever google website I go (news.google, docs.google etc...) I had a red bar warning me of this attempted sign-in.